Finding Feature
Information

Your software release
may not support all the features documented in this module. For the latest
caveats and feature information, see
Bug Search Tool and the
release notes for your platform and software release. To find information about
the features documented in this module, and to see a list of the releases in
which each feature is supported, see the feature information table.

Use Cisco Feature
Navigator to find information about platform support and Cisco software image
support. To access Cisco Feature Navigator, go to
www.cisco.com/​go/​cfn.
An account on Cisco.com is not required.

Feature Overview

The Cisco Mobile Networks feature enables a mobile router and its subnets to be mobile and maintain all IP connectivity, transparent to the IP hosts connecting through this mobile router.

Mobile IP, as defined in standard RFC 3344, provides the architecture that enables the mobile router to connect back to its home network. Mobile IP allows a device to roam while appearing to a user to be at its home network. Such a device is called a mobile node. A mobile node is a node--for example, a personal digital assistant, a laptop computer, or a data-ready cellular phone--that can change its point of attachment from one network or subnet to another. This mobile node can travel from link to link and maintain ongoing communications while using the same IP address. There is no need for any changes to applications because the solution is at the network layer, which provides the transparent network mobility.

The Cisco Mobile Networks feature comprises three components--the mobile router (MR), home agent (HA), and foreign agent (FA). The figure below shows the three components and their relationships within the mobile network.

Figure 1. Cisco Mobile Network Components and Relationships

The mobile router functions similarly to the mobile node with one key difference--the mobile router allows entire networks to roam. For example, an airplane with a mobile router can fly around the world while passengers stay connected to the Internet. This communication is accomplished by Mobile IP aware routers tunneling packets, which are destined to hosts on the mobile networks, to the location where the mobile router is visiting. The mobile router then forwards the packets to the destination device.

These destination devices can be mobile nodes running mobile IP client software or nodes without the software. The mobile router eliminates the need for a mobile IP client. In fact, the nodes on the mobile network are not aware of any IP mobility at all. The mobile router "hides" the IP roaming from the local IP nodes so that the local nodes appear to be directly attached to the home network. See the
Mobile Router section later in this document for more details on how the mobile router operates.

A home agent is a router on the home network of the mobile router that provides the anchoring point for the mobile networks. The home agent maintains an association between the home IP address of the mobile router and its
care-of address , which is the current location of the mobile router on a foreign or visited network. The home agent is responsible for keeping track of where the mobile router roams and tunneling packets to the current location of the mobile network. The home agent also injects the mobile networks into its forwarding table. See the
Home Agent section later in this document for more details on how the home agent operates.

A foreign agent is a router on a foreign network that assists the mobile router in informing its home agent of its current care-of address. It functions as the point of attachment to the mobile router, delivering packets from the home agent to the mobile router. The foreign agent is a fixed router with a direct logical connection to the mobile router. The mobile router and foreign agent need not be connected directly by a physical wireless link. For example, if the mobile router is roaming, the connection between the foreign agent and mobile router occurs on interfaces that are not on the same subnet. This feature does not add any new functionality to the foreign agent component.

Previously, this feature was a static network implementation that supported stub routers only. Cisco IOS Release 12.2(13)T introduces dynamic network support, which means that the mobile router dynamically registers its mobile networks to the home agent, which reduces the amount of configuration required at the home agent. For example, if a home agent supports 2000 mobile routers, the home agent does not need 2000 configurations but only a range of home IP addresses to use for the mobile routers.

This feature implements additional features in the Mobile IP MIB (RFC2006-MIB) to support Cisco Mobile Networks. Prior to this release, mobile node groups in the RFC2006-MIB were not supported.

Cisco IOS Release 12.2(4)T implements mobile node MIB groups from the RFC2006-MIB for the monitoring and management of Cisco Mobile Network activity. Data from managed objects is returned through the use of the
show commands described in this document, or can be retrieved from a Network Management System using SNMP.

Mobile Router

Deployed on a mobile platform (such as a car, plane, train, or emergency medical services vehicle), the mobile router functions as a roaming router that provides connectivity for its mobile network. A device connected to the mobile router need not be a mobile node because the mobile router is providing the roaming capabilities.

The mobile router process has three main phases described in the following sections:

Agent Discovery

During the agent discovery phase, home agents and foreign agents advertise their presence on their attached links by periodically multicasting or broadcasting messages called agent advertisements
. Agent advertisements are ICMP Router Discovery Protocol (IRDP) messages that convey Mobile IP information. The advertisement contains the IRDP lifetime, which is the number of seconds the agent is considered valid. The advertisement also contains the care-of address, the point of attachment on the foreign network, as well as registration lifetime allowed and supported services such as generic routing encapsulation (GRE), and reverse tunnel.

Agent discovery occurs through periodic advertisements by agents or solicitations by the mobile router.

For periodic advertisements, the mobile router knows that the agent is up as long as it hears the advertisements from the agent. When the mobile router hears the agent advertisements, it keeps track of the agent in an agent table. When the IRDP lifetime expires, the agent is considered disconnected (for example, interface down, out of range, or agent down) and the mobile router removes the agent from its agent table.

Rather than wait for agent advertisements, a mobile router can send an agent solicitation. This solicitation forces any agents on the link to immediately send an agent advertisement.

The mobile router receives these advertisements on its interfaces that are configured for roaming and determines if it is connected to its home network or a foreign network. When the mobile router hears an agent advertisement and detects that it has moved outside of its home network, it begins registration, which is the second phase of the process.

Registration

The mobile router is configured with its home address, the IP address or addresses of its home agents, and the mobility security association of its home agent. There is a shared key between the mobile router and the home agent for authentication, as discussed in the Security for Mobile Networks section later in this document. The mobile router uses this information along with the information that it learns from the foreign agent advertisements to form a registration request.

The mobile router prefers to register with a particular agent based on the received interface. If more than one interface receives agent advertisements, the one with the highest roaming priority value is preferred. In the case that multiple interfaces have the same priority, the highest bandwidth is preferred. If interfaces have the same bandwidth, the highest interface IP address is preferred.

After determining this preferred path, the mobile router informs the home agent of its current care-of address by sending a registration request. Because the mobile router is attached to a foreign network, the registration request is sent first to the foreign agent.

When the mobile router powers down or determines that it is reconnected to its home link, it deregisters by sending a deregistration request to the home agent.

A successful registration sets up the routing mechanism for transporting packets to and from the mobile networks as the mobile router roams, which is the third phase of the process.

Routing

During the routing or tunneling phase, packets arrive at the home agent. The home agent performs two encapsulations of the packets and tunnels them to the foreign agent. The foreign agent performs one decapsulation and forwards the packets to the mobile router, which performs another decapsulation. The mobile router then forwards the original packets to the IP devices on the mobile networks.

By default, packets from devices on the mobile network arrive at the mobile router, which forwards them to the foreign agent, which routes them normally.

The mobile networks can be statically configured or dynamically registered on the home agent. As the mobile router moves from one foreign agent to another, the mobile router continuously reconfigures the default gateway definition to point to its new path. Although the mobile router can register through different foreign agents, the most recently contacted foreign agent provides the active connection.

A reverse tunnel is when the mobile router tunnels packets to the foreign agent and home agent. In this case, packets from devices arrive at the mobile router, which encapsulates them and then sends them to the foreign agent, which encapsulates the packets and forwards them to the home agent. The home agent decapsulates both encapsulations and routes the original packets.

Home Agent

The home agent provides the anchoring point for the mobile networks. The home agent process has two main phases described in the following sections:

Registration

After receiving the registration request originated from the mobile router, the home agent checks the validity of the registration request, which includes authentication of the mobile router. If the registration request is valid, the home agent sends a registration reply to the mobile router through the foreign agent.

The home agent also creates a mobility binding table
that maps the home IP address of the mobile router to the current care-of address of the mobile router. An entry in this table is called a mobility binding
. The main purpose of registration is to create, modify, or delete the mobility binding of a mobile router (or mobile node) at its home agent.

The home agent processes registration requests from the mobile router in the same way that it does with the mobile node. The only difference is that an additional tunnel is created to the mobile router. Thus, packets destined to the mobile networks are encapsulated twice, as discussed in the Routing section that follows. The home agent injects the mobile networks, which are statically defined or dynamically registered, into its forwarding table. This allows routing protocols configured on the home agent to redistribute these mobile routes.

Routing

The home agent advertises reachability to the mobile networks on the mobile router, thereby attracting packets that are destined for them. When a device on the Internet, called a
correspondent node, sends a packet to the node on the mobile network, the packet is routed to the home agent. The home agent creates tunnels in the following two areas:

Between the home agent and foreign agent care-of address

Between the home agent and mobile router

The home agent encapsulates the original packet from the correspondent node twice. The packet arrives at the foreign agent, which decapsulates the HA and FA care-of address tunnel header and forwards the packet to the mobile router, which performs another decapsulation (HA and MR tunnel header) to deliver the packet to the destination node on the mobile network. To the rest of the network, the destination node appears to be located at the home agent; however, it exists physically on the mobile network of the mobile router. See the figure above for a graphical representation of how these packets are routed.

Security for Mobile Networks

The home agent of the mobile router is configured with the home IP address of the mobile router and the mobile networks of the mobile router. The message digest algorithm 5 (MD5) hex key is a 128-bit key also defined here. MD5 is an algorithm that takes the registration message and a key to compute the smaller chunk of data called a message digest
. The mobile router and home agent both have a copy of the key, called a symmetric key
, and authenticate each other by comparing the results of the computation. If both keys yield the same result, nothing in the packet has changed during transit.

Mobile IP also supports the hash-based message authentication code (HMAC-MD5), which is the default authentication algorithm as of Cisco IOS Release 12.2(13)T.

Replay protection uses the identification field in the registration messages as a timestamp and sequence number. The home agent returns its time stamp to synchronize the mobile router for registration.

Cisco IOS software allows the mobility keys to be stored on an authentication, authorization, and accounting (AAA) server that can be accessed using TACACS+ or RADIUS protocols. Mobile IP in Cisco IOS software also contains registration filters, enabling companies to restrict who is allowed to register.

For more information on security in a Mobile IP environment, refer to the "Configuring Mobile IP" chapter of the Cisco IOS IP Configuration Guide
, Release 12.2.

Cisco Mobile Networks Redundancy

The Cisco Mobile Networks feature uses the Hot Standby Router Protocol (HSRP) to provide a full redundancy capability for the mobile router.

HSRP is a protocol developed by Cisco that provides network redundancy in a way that ensures that user traffic will immediately and transparently recover from failures. An HSRP group comprises two or more routers that share an IP address and a MAC (Layer 2) address and act as a single virtual router. For example, your Mobile IP topology can include one or more standby home agents that the rest of the topology views as a single virtual home agent.

You must define certain HSRP group attributes on the interfaces of the mobile routers so that Mobile IP can implement the redundancy. The mobile routers are aware of the HSRP states and assume the active or standby role as needed. For more information on mobile router redundancy, see the Enabling Mobile Router Redundancy task later in this document. For more information on home agent redundancy, which is a Cisco proprietary feature that runs on top of HSRP, refer to the "Configuring Mobile IP" chapter of the Cisco IOS IP Configuration Guide
, Release 12.2.

HSRP need not be configured on the foreign agent. Foreign agent redundancy is achieved by overlapping wireless coverage.

Benefits

Mobility Solution at the Network Layer

With the mobile router deployed in a moving vehicle, repeated reconfiguration of the various devices attached to that router as the vehicle travels is no longer necessary. Because the mobile router operates at the network layer and is independent of the physical layer, it operates transparently over cellular, satellite, and other wireless or fixed media.

Always-On Connection to the Internet

This feature supports an always-on connection to the Internet, providing access to current and changing information. For example, aircraft pilots can access the latest weather updates while flying and EMS vehicles can be in communication with emergency room technicians while on the way to the hospital.

Versatile

Any IP-enabled device can be connected to the mobile router LAN ports and achieve mobility. Applications that are not specifically designed for mobility can be accessed and deployed.

Dynamic Mobile Networks

The dynamic network enables dynamic registration of mobile networks, which results in minimal configuration on the home agent making administration and set up easier. When configured for dynamic registration, the mobile router tells the home agent which networks are configured in each registration request. The home agent dynamically adds these networks to the forwarding table and there is no need to statically define the networks on the home agent.

Preferred Path

By using the preferred path, a network designer can specify the primary link, based upon bandwidth or priority, to reduce costs or to use a specific carrier.

Standards-Based Solution

Mobile IP complies with official protocol standards of the Internet.

Mobile IP MIB Support

Support for mobile node MIB groups in the Mobile IP MIB allows the monitoring of Mobile Network activity using the Cisco IOS command line interface or SNMP. For further details, refer to the RFC2006-MIB.my file, available through Cisco.com at ftp://ftp.cisco.com/pub/mibs/v2/, and RFC 2006, The Definitions of Managed Objects for IP Mobility Support using SMIv2
.

To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:

Prerequisites

To configure home agent functionality on your router, you need to determine IP addresses or subnets for which you want to allow roaming service. If you intend to support roaming on virtual networks, you need to identify the subnets for which you will allow this service and place these virtual networks appropriately on the home agent. It is possible to enable home agent functionality for a physical or virtual subnet. In the case of virtual subnets, you must define the virtual networks on the router using the ipmobilevirtual-network global configuration command.

Enabling Home Agent Services

You can configure a home agent with both dynamically registered and statically configured mobile networks. However, a statically configured mobile network will always take precedence over dynamic registrations of the same network.

To enable home agent services on the router, use the following commands beginning in global configuration mode:

Defines a virtual network. Specifies that the home network is a virtual network, which means that the mobile router is not physically attached to the home agent. Adds the network to the home agent’s forwarding table so that routing protocols can redistribute the subnet.

Configures the mobile router as a mobile host. The IP address is in the home network.

The interfacename option configures a physical connection from the home agent to the mobile router.

Step 9

Router(config)# ipmobilemobile-networkslower [upper]

Configures mobile networks for the mobile host and enters mobile networks configuration mode. The upper range can be used only with dynamically registered networks and allows you to configure multiple mobile routers at once.

The range must match the range configured in theipmobilehost command.

Step 10

Router(mobile-networks)# descriptionstring

(Optional) Adds a description to a mobile router configuration.

Step 11

Router(mobile-networks)# networknetmask

(Optional) Configures a network that is attached to the mobile router as a mobile network. Use this command to statically configure networks.

Step 12

Router(mobile-networks)# register

(Optional) Dynamically registers the mobile networks with the home agent. The home agent learns about the mobile networks through this registration process. When the mobile router registers its mobile networks on the home agent, the home agent looks up the mobile network configuration and verifies that theregister command is configured before adding forwarding entries to the mobile networks.

If the register command is not configured, the home agent will reject an attempt by the mobile router to dynamically register its mobile networks.

Sets up mobile host security associations. This is the security association the mobile router uses when sending in a registration request. The SPI and key between the home agent and mobile router are known. The address is the home IP address of the mobile router.

Enabling Foreign Agent Services

There are no changes to the foreign agent configuration with the introduction of dynamic network support.

To start a foreign agent providing default services, use the following commands beginning in global configuration mode:

SUMMARY STEPS

1.
Router(config)# routermobile

2.
Router(config-router)# exit

3.
Router(config)# ipmobileforeign-agentcare-ofinterface

4.
Router(config)# interfacetypenumber

5.
Router(config-if)# ipaddressip-addressmask

6.
Router(config-if)# ipirdp

7.
Router(config-if)# ipirdpmaxadvertintervalseconds

8.
Router(config-if)# ipirdpminadvertintervalseconds

9.
Router(config-if)# ipirdpholdtimeseconds

10.
Router(config-if)# ipmobileforeign-service

DETAILED STEPS

Command or Action

Purpose

Step 1

Router(config)# routermobile

Enables Mobile IP on the router.

Step 2

Router(config-router)# exit

Returns to global configuration mode.

Step 3

Router(config)# ipmobileforeign-agentcare-ofinterface

Enables foreign agent services when at least one care-of address is configured. This is the foreign network termination point of the tunnel between the foreign agent and home agent. The care-of address is the IP address of the interface. The interface, whether physical or loopback, need not be the same as the visited interface.

Specifies the home agent that the mobile router uses during registration.

Step 6

Router(mobile-router)#
mobile-networkinterface

(Optional) Specifies the mobile router interface that is connected to the dynamic mobile network. There can be more than one mobile network configured on a mobile router. The mobile router’s registrations will contain these mobile networks.

Enabling Mobile Router Redundancy

To enable mobile router redundancy, use the following commands beginning in interface configuration mode. You need not configure HSRP on both the mobile router’s roaming interface and the interface attached to the physical mobile networks. If one of the interfaces is configured with HSRP, and the standbytrack command is configured on the other interface, the redundancy mechanism will work. See the Cisco Mobile Network Redundancy Example section for a configuration example.

Configures the router to preempt, which means that when the local router has a Hot Standby priority higher than the current active router, the local router should attempt to assume control as the active router.

Configures an interface so that the Hot Standby priority changes based on the availability of other interfaces. The interface-priority argument specifies the amount by which the Hot Standby priority for the router is decremented (or incremented) when the interface goes down (or comes back up). The default value is 10.

Step 6

Router(config-if)#
exit

Exits interface configuration mode.

Step 7

Router(config)#
ipmobilerouter

Enables the mobile router.

Step 8

Router(mobile-router)# redundancygroupname

Configures fault tolerance for the mobile router. The name argument must match the name specified in the standbynamegroup-name command.

Verifying Home Agent Configuration

To verify the home agent configuration, use the following commands in privileged EXEC mode, as needed:

Command

Purpose

Router# showipmobilemobile-networks[address]

Displays a list of mobile networks associated with the mobile router.

Router# showipmobilehost[address]

Displays mobile node information.

Router# showipmobilesecurehost[address]

Displays the mobility security associations for the mobile host.

Verifying Foreign Agent Configuration

To verify the foreign agent configuration, use the following commands in privileged EXEC mode, as needed:

Command

Purpose

Router# showipmobileglobal

Displays global information for mobile agents.

Router# showipmobileinterface

Displays advertisement information for interfaces that are providing foreign agent service or are home links for mobile nodes.

Verifying Mobile Router Configuration

To verify the mobile router configuration, use the following commands in privileged EXEC mode as needed:

Command

Purpose

Router# showipmobilerouter

Displays configuration information and monitoring statistics about the mobile router.

Router# showipmobileroutertraffic

Displays the counters that the mobile router maintains.

Verifying Mobile Router Redundancy

To verify that mobile router redundancy is configured correctly on the router, use the following commands in privileged EXEC mode, as needed:

Command

Purpose

Router# showipmobilerouter

Displays configuration information and monitoring statistics about the mobile router.

Router# showipmobileroutertraffic

Displays the counters that the mobile router maintains.

Router# showstandby

Displays HSRP information.

Troubleshooting Tips

Adjust the agent advertisement interval value on the foreign agent using the ipirdpmaxadvertintervalseconds interface configuration command. Begin by setting the timer to 10 seconds and adjust as needed.

Before you can ping a subnet on the mobile router, the mobile router must be registered with the home agent and the mobile network (subnet) must be statically configured or dynamically registered on the home agent.

Use extended pings for roaming interfaces. The pings from the mobile router need to have the home address of the mobile router as the source address in the extended ping. Standard pings will have the source address of the roaming interface as the source address, which is not routeable from the standpoint of the rest of the network unless the roaming interfaces are statically configured on the home agent.

Redistribute mobile subnets on the home agent so that return traffic can be sent back to the mobile router. Most routing protocols require that default metrics be configured for redistribution.

Establish a return route from the foreign agent to the home agent.

Avoid placing any routers behind the mobile router because the mobile router functions as a stub router.

Displays configuration information and monitoring statistics about the mobile router.

Router# showipmobilerouteragent

Displays information about the agents for the mobile router.

Router# showipmobilerouterinterface

Displays information about the interface that the mobile router is using for roaming.

Router# showipmobilerouterregistration

Displays the pending and accepted registrations of the mobile router.

Router# showipmobileroutertraffic

Displays counters that the mobile router maintains.

Router# debugipmobilerouter [detail]

Displays debug messages for the mobile router.

Configuration Examples

In the following examples, a home agent provides service for three mobile routers. Each mobile router has a satellite link and wireless LAN link when roaming. Each is allocated a network that can be partitioned further.

The mobile networks on the mobile routers are both statically configured and dynamically registered on the home agent while the mobile routers roam via foreign agents.

Cisco Mobile Network Redundancy Example

There can be three levels of redundancy for the Cisco Mobile Network: home agent redundancy, foreign agent redundancy, and mobile router redundancy.

In the home agent example, two home agents provide redundancy for the home agent component. If one home agent fails, the standby home agent immediately becomes active so that no packets are lost. HSRP is configured on the home agents, along with HSRP attributes such as the HSRP group name. Thus, the rest of the topology treats the home agents as a single virtual home agent and any fail-over is transparent.

The mobile networks also are defined on the home agent so that the home agent knows to inject these networks into the routing table when the mobile router is registered.

The mobile routers use HSRP to provide redundancy, and their group name is associated to the HSRP group name. The mobile routers are aware of the HSRP states. When HSRP is in the active state, the mobile router is active. If HSRP is in the nonactive state, the mobile router is passive. When an active mobile router fails, the standby mobile router becomes active and sends out solicitations out its roaming interfaces to learn about foreign agents and register.

See the figure below for an example topology of a redundant network where two mobile routers are connected to each other on a LAN with HSRP enabled.

Command Reference

The following commands are introduced or modified in the feature or features documented in this module. For information about these commands, see the
Cisco IOS IP Mobility Command Reference at http://www.cisco.com/en/US/docs/ios/ipmobility/command/reference/imo_book.html. For information about all Cisco IOS commands, go to the Command Lookup Tool at
http:/​/​tools.cisco.com/​Support/​CLILookup or to the
Cisco IOS Master Commands List .

address(mobilerouter)

clearipmobilerouteragent

clearipmobilerouterregistration

clearipmobileroutertraffic

debugipmobile

debugipmobilerouter

description(mobilenetworks)

home-agent

ipmobilemobile-networks

ipmobilerouter

ipmobilerouter-service

mobile-network

network(mobilenetworks)

redundancygroup

register(mobilenetworks)

register(mobilerouter)

reverse-tunnel

showipmobilebinding

showipmobilehost

showipmobilemobile-networks

showipmobilerouter

showipmobilerouteragent

showipmobilerouterinterface

showipmobilerouterregistration

showipmobileroutertraffic

Glossary

agentadvertisement--An advertisement message constructed by an attachment of a special extension to a ICMP Router Discovery Protocol (IRDP).

agentdiscovery--The method by which a mobile node or mobile router determines whether it is currently connected to its home network or a foreign network and detects whether it has moved and the way it has moved. It is the mechanism by which mobile nodes or mobile routers query and discover mobility agents. Agent discovery is an extension to ICMP Router Discovery Protocol (IRDP) (RFC 1256), which includes a mechanism to advertise mobility services to potential users.

agentsolicitation--A request for an agent advertisement sent by the mobile node or mobile router.

care-ofaddress--The termination point of the tunnel to a mobile node or mobile router. This can be a collocated care-of address, by which the mobile node or mobile router acquires a local address and detunnels its own packets, or a foreign agent care-of address, by which a foreign agent detunnels packets and forwards them to the mobile node or mobile router.

correspondentnode--A peer with which a mobile node is communicating. A correspondent node may be either stationary or mobile.

foreignagent--A router on the visited network of a foreign network that provides routing services to the mobile node while registered. The foreign agent detunnels and delivers packets to the mobile node or mobile router that were tunneled by the home agent of the mobile node. For packets sent by a mobile node, the foreign agent may serve as a default router for registered mobile nodes.

foreignnetwork--Any network other than the home network of the mobile node.

homeaddress--An IP address that is assigned for an extended time to a mobile node. It remains unchanged regardless of where the node is attached to the Internet.

homeagent--A router on a home network of the mobile node or that tunnels packets to the mobile node or mobile router while they are away from home. It keeps current location information for registered mobile nodes called a mobility binding
.

homenetwork--The network, possibly virtual, whose network prefix equals the network prefix of the home address of a mobile node.

link--A facility or medium over which nodes communicate at the link layer. A link underlies the network layer.

link-layeraddress--The address used to identify an endpoint of some communication over a physical link. Typically, the link-layer address is a MAC address of an interface.

mobilityagent--A home agent or a foreign agent.

mobilitybinding--The association of a home address with a care-of address and the remaining lifetime.

mobilenetwork--A network that moves with the mobile router. A mobile network is a collection of hosts and routes that are fixed with respect to each other but are mobile, as a unit, with respect to the rest of the Internet.

mobilenode--A host or router that changes its point of attachment from one network or subnet to another. A mobile node may change its location without changing its IP address; it may continue to communicate with other Internet nodes at any location using its home IP address, assuming that link-layer connectivity to a point of attachment is available.

mobilerouter--A mobile node that is a router. It provides for the mobility of one or more entire networks moving together, perhaps on an airplane, a ship, a train, an automobile, a bicycle, or a kayak. The nodes connected to a network served by the mobile router may themselves be fixed nodes or mobile nodes or routers.

mobilitysecurityassociation--A collection of security contexts between a pair of nodes that may be applied to Mobile IP protocol messages exchanged between them. Each context indicates an authentication algorithm and mode, a secret (a shared key or appropriate public/private key pair), and a style of replay protection in use.

registration--The process by which the mobile node is associated with a care-of address on the home agent while it is away from home. Registration may happen directly from the mobile node to the home agent or through a foreign agent.

roaminginterface--An interface used by the mobile router to detect foreign agents and home agents while roaming. Registration and traffic occur on the interface.

SPI--security parameter index. The index identifying a security context between a pair of nodes. On the home agent, the SPI identifies which shared secret to use to compute the md5 hash value.

tunnel--The path followed by a packet while it is encapsulated from the home agent to the mobile node. The model is that, while it is encapsulated, a packet is routed to a knowledgeable decapsulating agent, which decapsulates the datagram and then correctly delivers it to its ultimate destination.

virtualnetwork--A network with no physical instantiation beyond a router (with a physical network interface on another network). The router (a home agent, for example) generally advertises reachability to the virtual network using conventional routing protocols.

visitednetwork--A network other than the home network of a mobile node, to which the mobile node is currently connected.